“The virtual router feature creates a paradigm shift in today’s requirements to insert and deliver value-added services at the edge of the network. This unique capability reduces service providers’ capital investment and operational costs, dramatically altering network economics and enabling new wholesale services.”
-- Jennifer Liscom, principal analyst, Gartner Inc.
If you’re reading this newsletter, you already know some of the reasons for the switch to IPv6 and what they will mean for the connected world. We can count on increasingly easy peer-to-peer communication, secured in part with the mandatory implementation of IPSec. We can look forward to the phasing out of Network Address Translators (NATs). We anticipate freed-up resources and bandwidth that will be used for increasingly complex transmissions (for example, streaming video). There will be true mobility without service interruption (mobile IP), and real-time services will benefit from increasingly effective QoS. As for address space, we all know that IPv6 provides trillions of addresses per square inch of the earth’s surface.
The IETF’s RFC 2547 applies to IPv4 as well as IPv6. It is important to address this RFC in an IPv6-oriented forum, as it is one of the documents that will guide the next-generation IP network infrastructure. Router makers are already building in MPLS and BGP along with virtual routing, and carriers are increasingly building networks, specifically VPNs, using RFC 2547 guidelines. This article will give a brief overview of RFC 2547 and then discuss virtual routing, an essential component of building effective VPNs using MPLS and BGP.
As RFC 2547 states, “This document describes a method by which a Service Provider with an IP backbone may provide VPNs (Virtual Private Networks) for its customers. MPLS (Multiprotocol Label Switching) is used for forwarding packets over the backbone, and BGP (Border Gateway Protocol) is used for distributing routes over the backbone.”
The VPN is defined as a set of sites that are attached to a common network, but whose data is handled separately from all other data on that network. Two sites may use the common network to reach each other only if they both belong to a defined subset of the main set of sites attached to the common network. The defined subset is called a “Virtual Private Network”, or VPN. Within this model, two sites that are not part of a common VPN are not able to connect over the common network, generally referred to as the “backbone.”
Touted by many as being just as secure as Frame Relay and ATM, MPLS is a WAN transport technology that offers high forwarding speeds, bandwidth management and the kind of scalability and disaster recovery usually associated with IP. MPLS was designed to be used in service providers’ edge routers, referred to as PE devices in IETF documents. When a PE device receives an IP packet, it will encapsulate the packet into an MPLS packet. From there, the packet will be routed using information in the MPLS header.
One of the primary reasons to use MPLS is to get around limitations of IP routing. For instance, IP routing protocols are designed to use Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS). These methods of routing information from one point to another do not take into account the delay-sensitivity of certain types of information. For example, voice data requires real-time transmission while email data can certainly be delayed without adverse consequences. MPLS allows for traffic engineering that can override IP path choices based on a wider range of packet attributes. This traffic engineering is the primary benefit of MPLS, although there are other benefits, such as scalability, disaster recovery, and, some claim, the ability to do more with less bandwidth.
RFC 2547 explains that PE routers use BGP to distribute VPN routes to each other or, more accurately, to cause VPN routes to be distributed to each other. Cisco Systems notes, in its “BGP Case Studies,” that BGP creates loop-free interdomain routing between autonomous systems (AS). An AS is a set of routers under a single technical administration. Routers in an AS can use multiple interior gateway protocols to exchange routing information inside the AS and an exterior gateway protocol to route packets outside the AS.
When two BGP routers form a connection, they can exchange network information, which consists of route tables, or paths that a route should travel to reach destination networks.
The MPLS and BGP discussion is centered around the notion of routing. Internet backbone servers maintain routers and routing tables that identify billions of addresses on the Internet. [See Figure 1.]

Figure 1: In a conventional model, ISPs maintain routers and routing tables for each network that they service.
The impracticality of having individual routing tables associated with only one physical router has led over the last few years to the notion and implementation of virtual routers. A virtual router consists of any number of TCP/IP stacks built into one. In Figure 1, a virtual router would include three TCP/IP stacks built into one. However, the model is not limited to any particular number (in fact, if your processing power is strong enough, you can have over 65,000 stacks without any additional physical routers!). The stacks look and behave like independent stacks, yet the only things that really need to be independent are the routing tables. This important aspect is addressed below.
In virtual routing, the TCP/IP stack will be configured with a virtual routing ID for each network interface. This way, Organization A may have any number of its own networks with the same ID. This ID will always be associated with Organization A, and the virtual router will know it.
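The separation described above, where each interface carries a virtual routing ID and only the routing tables are independent, shown as an added example (not code from this article or from any vendor's stack). The class, interface names, IDs and prefixes are constructed for illustration; two organizations deliberately reuse the same address range.

```python
import ipaddress

class VirtualRouter:
    """One stack, many routing tables, each keyed by a virtual router ID."""

    def __init__(self):
        self.if_to_vr = {}   # interface name -> virtual router ID
        self.tables = {}     # virtual router ID -> [(network, egress interface)]

    def bind_interface(self, ifname, vr_id):
        self.if_to_vr[ifname] = vr_id
        self.tables.setdefault(vr_id, [])

    def add_route(self, vr_id, prefix, out_if):
        # A route may only point at an interface bound to the same virtual
        # router; otherwise one configuration slip leaks traffic across customers.
        if self.if_to_vr.get(out_if) != vr_id:
            raise ValueError(f"{out_if} is not bound to virtual router {vr_id}")
        self.tables[vr_id].append((ipaddress.ip_network(prefix), out_if))

    def forward(self, in_if, dst):
        """Return the egress interface, or None (drop) if this VR has no route."""
        vr_id = self.if_to_vr[in_if]      # the ingress interface selects the table
        addr = ipaddress.ip_address(dst)
        matches = [(net, out) for net, out in self.tables[vr_id]
                   if net.version == addr.version and addr in net]
        if not matches:
            return None
        return max(matches, key=lambda m: m[0].prefixlen)[1]  # longest prefix wins


def build_example():
    # Constructed sample: organizations A (ID 1) and B (ID 2) both use 10.1.0.0/16.
    vr = VirtualRouter()
    for ifname, vr_id in [("a0", 1), ("a1", 1), ("a2", 1), ("b0", 2), ("b1", 2)]:
        vr.bind_interface(ifname, vr_id)
    vr.add_route(1, "10.1.0.0/16", "a1")
    vr.add_route(1, "10.1.5.0/24", "a2")
    vr.add_route(2, "10.1.0.0/16", "b1")
    vr.add_route(2, "2001:db8:b::/48", "b1")
    return vr


if __name__ == "__main__":
    vr = build_example()
    print(vr.forward("a0", "10.1.5.9"))       # resolved in A's table
    print(vr.forward("b0", "10.1.5.9"))       # same address, resolved in B's table
    print(vr.forward("a0", "2001:db8:b::1"))  # A has no route into B's prefix
```

The same destination address resolves differently depending on the ingress interface, and a packet arriving on one organization's interface is dropped rather than matched against another organization's table.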

Figure 2: The virtual router can replace thousands of conventional routers.
The primary advantage of using virtual routers is the tremendous cost savings they create. Instead of having three routers (hardware) assigned to organizations A, B and C, we have only one. In the case of many carriers or ISPs, we’re not talking about three organizations but rather thousands. Therefore, an implementation of virtual routing can save the cost of thousands of pieces of hardware, not to mention maintenance and upgrades. Upgrading becomes especially easy when dealing with a software-centric model (consider upgrading a single box instead of thousands), and there are added benefits with ease of configuration and space savings. For the customers, however, it will always appear as if they have their own router. In effect, they do; it just doesn’t have any hardware.
Service providers either build or purchase routers with TCP/IP stacks that offer virtual routing. Given the increasing use of virtual routing, the market is producing a variety of options from which to choose. The following points are worth thinking about when considering a TCP/IP stack with virtual routing capabilities:
Whether creating VPNs using RFC 2547 as a guideline or designing IPv6-enabled devices for tomorrow’s tele- and data communications, we are bound to see additional use of MPLS, BGP and virtual routers. The sources of information and expertise on these subjects will proliferate, as will the choices for those who wish to incorporate communications and administration capabilities into their systems. The advent of IPv6 offers us an opportunity to create and disseminate a new generation of powerful and flexible products that take advantage of the new landscape, while eliminating some of the encumbrances endemic to the IPv4 paradigm.
For more information, contact John Lawitzke, jhl@interpeak.com, or visit www.interpeak.com